RANSOMWARE attacks on Internet users worldwide grew by 2.6 times during the third quarter, Kaspersky Lab ZAO said.
From the month of July to September, encrypting ransomware threatened over 821,000 people across the globe from the month of July to September, the cyber-security firm announced in a statement on November 8.
The rise in the number of people attacked was third in a row during the third quarter, Kaspersky Lab noted.
“Encrypting ransomware—malware that encrypts a victim’s files and demands a ransom in exchange for file decryption—is still one of the most widespread types of activity that modern cybercriminals are involved in,” the cyber-security firm said.
Ransomware requires a small cost to develop but capable of generating big money if the attack becomes successful, Kaspersky Lab added.
“Crypto ransomware continues to be one of the most dangerous threats, both to private users and to businesses,” said Fedor Sinitsyn, who is Kaspersky Lab’s ransomware expert. “The recent jump in the number of attacked users may have been provoked by the fact that the number of modifications of ransomware we detected in Q3—more than 32,000 modifications—was 3.5 times more than in Q2.”
Sinitsyn suspected that the rise in the number of threats in the third quarter could be “due to the fact that security companies nowadays invest a lot of resources into being able to detect new samples of ransomware as fast as possible.” This led cyber criminals to create more new modifications of malware to steer clear of detection, he said.
According to Isaac Sabas, who is CEO of the homegrown Pandora Security Labs, the majority of ransomware infection in the Philippines are communicated through malicious web sites.
“They are disguised as legitimate sites, but actually are exploiting your browser to install the malware,” he said.
Legitimate web sites have green lock on the URL bar with the company’s name, Sabas pointed out.
Internet users could distinguish legitimate web sites from the malicious through domain name, or check if the site is EV SSL (Extended Validation Secure Sockets Layer)-enabled, he noted.
“Besides increasing their number of victims, criminals are also exploring new geographies,” Kaspersky Lab said.
The countries with most number of encrypting ransomware attacks in the third quarter include Japan (4.83 percent), Croatia (3.71 percent), South Korea (3.36 percent), Tunisia (3.22 percent) and Bulgaria (3.2 percent).
According to Kaspersky Lab IT Threat Evolution in Q3 Report “the number of users attacked with banking malware grew by 5.8 percent and reached over 1,198,000.
“Browsers and Android OS remain the most frequently attacked software when it comes to exploits,” Kaspersky Lab said. “Forty-five percent of exploits detected by Kaspersky Lab were aimed at browsers, and 19 percent of these malicious programs were built to exploit weaknesses in the popular Android mobile operating system.”
Sabas scaled the vulnerability of Filipino Internet users 6-7, with 10 as worst.
He also sensed that ransomware threats in the Philippines would continue to grow.